How to get user's group name from azure active directory in angular?

Using ng2-adal for connecting to azure directory(https://github.com/mazhisai/ng2-adal-QuickStart). I have successfully logged in and received group id similar to this --> "groups":["4ba2649e-20d2-40f4-a406-2ed897686403","43e19f05-c077-4716-b001-0ffb0d75fff8"].

How can I get group name from the above token using ng2-adal(preferred since I've done everything using it)

Answers:

Answer

I have successfully logged in and received group id similar to this --> "groups":["4ba2649e-20d2-40f4-a406-2ed897686403","43e19f05-c077-4716-b001-0ffb0d75fff8"].

For your angular application, you are using the implicit flow. AFAIK, the groups claim is under id_token, since you could see the groups claims, I assume that the number of groups which the current logged in user belongs no more than currently 6 or more groups. Details, you could follow Claims in id_tokens.

How can I get group name from the above token using ng2-adal(preferred since I've done everything using it)

The groups claim only lists limited number of groups a user belongs to. In order to acquire the group name, you need to explicitly call the related REST API (AD Graph > Get a group or Microsft Graph > Get group).

For retrieving the access_token, you need to call:

this.adalService.acquireToken(resource: string)

Note: For AD Graph API, you need to pass https://graph.windows.net, while for Microsoft Graph API, you need to pass https://graph.microsoft.com.

I would prefer use Microsoft Graph, the request would look as follows:

GET https://graph.microsoft.com/v1.0/groups/{id}?$select=displayName
Header: Authorization:Bearer {access_token}

Note: If the groups claim does not exist and there has a hasgroups claim, I assume that the group number of current logged in user belongs over the limitation, you may need to call the Graph API to retrieve the groups which the current logged in user belongs.

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.